W32.Dabber.B is a variant of W32.Dabber.A
. This worm propagates by exploiting a vulnerability in the FTP server component of W32.Sasser.Worm and its variants.
W32.Dabber.B is based on available exploit code. It installs a backdoor on infected hosts and tries to listen on port 9898. If the attempt fails, W32.Dabber.B tries to listen on ports 9899 through 9999 in sequence until it finds an open port.
This threat is written in C++ and is packed with UPX.
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.